Wednesday, October 2, 2013

Hello Obamacare, Goodbye Privacy: First Data Leak Reported and the System Isn’t Even Live Yet

by: Daisy Luther

The sanctity of medical privacy and doctor-patient privilege is a thing of the past with Obamacare.

The insurance exchange database hasn’t even gone live yet, and there has been a security breach that left the personal information of 2400 people exposed.

An employee of Minnesota’s Obamacare exchange, MNsure, sent an unencrypted file to the wrong person and left 2,400 people’s private information at the mercy of a nearby insurance agent.

One exchange staffer’s simple mistake gave insurance broker Jim Koester access to an Excel document of Social Security numbers, names, addresses and other personal data for whole a list of insurance agents. Luckily for the 2,400, Koester was cooperative — and unnerved.

“The more I thought about it, the more troubled I was,” Koester told the Minnesota Star Tribune. “What if this had fallen into the wrong hands? It’s scary. If this is happening now, how can clients of MNsure be confident their data is safe?” (source)

No longer will your private information be only at the hands of those in your doctor’s office and the insurance company that you have chosen. Now everything about you and your family will be present in a giant national data base. When did you have your last pap smear? Is your husband having a “little issue” in the bedroom? Has your teenage daughter hit puberty yet? Are you depressed or angry about an event in your life? Prepare to have your family secrets and private concerns open to thousands of people as we all become part of one gigantic hub.

We don’t just have to worry about random, accidental exposure. Our records will be open to analysis – just to make things more efficient, you understand. According to an article on the Daily Caller, there will be staffers whose job specifically entails snooping through your records to properly catalogue you and place you in your slot.

Obamacare exchange officials aren’t the only agents that will have access to private consumer data in the data hub. Along with any federal or state officials working with Obamacare, program “navigators” will have access to consumer information in order to help them make decisions about what insurance plan is the right choice.

Navigators will only receive 20 hours of training before having access to consumer data, a policy which turned heads at a tense congressional hearing. Pennsylvania Republican Rep. Scott Perry pointed out, “It takes 1,250 hours to become a barber in Pennsylvania, but to navigate insurance, these folks are going to be advising us with 20 hours?” (source)

There are enough glaring issues with this complete lack of privacy to get the wheels of any self-respecting conspiracy theorist turning. Here are a few scenarios that explain why this privacy breach could be an incredibly big deal.

Think about some of the ramifications of having your private information in this large electronic network. How easy would it be for algorithms to be run to pinpoint “threats” to any given agenda?

Don’t believe in vaccinating your kids? It’s in the database.

Don’t believe in taking psychiatric medication? It’s in the database.

Refuse to get “the chip” at some point in the future? It’s in the database.

Decline the flu shot?It’s in the database.

Did you tell the doctor that, yes, you do have guns in your home? It’s in the database.

Decline answering the physician’s intrusive questions about firearms in your home? It’s in the database.

After the mysterious death of journalist Michael Hastings a few months ago, suspicions arose that the automobile accident that took his life was the result of a remote attack on the computers on his vehicle. Now, with the ability for this type of “hacking” what about the medical devices that keep many people alive? The insulin pumps and the pacemakers that have been implanted to keep people alive will be documented by serial number on a database that tens of thousands of regular people will have access to, not to mention the thugs in government who have all sorts of computer wizards at their disposal. Recently the world’s most elite hacker mysteriously died just hours before he was to speak at a large convention about the ease with which medical devices could be hacked.

The skullduggery wouldn’t even have to be as high-tech as hacking medical devices. Small changes in a person’s online medical records could mean death at the hands of misinformed medical personnel.

We know how simple it is to hack a social network account, or email, or even a web site. Millions of credit card numbers are stolen through online hacking on a daily basis across the world. We’ve had hackers gain access to essential grid utilities like an Illinois water utility plant and take control of its treatment facilities. We’re also well aware of the fact that our major oil refineries and power grid have staggering security holes.

The threat of malicious attacks is more real now than ever before as more systems come online and connect directly to the internet.

Our medical records are no different. In fact, with so many people across the country having user accounts to the front and back end systems, these system may be more vulnerable than even our personal email accounts.

The critical difference here is that access to your medical records poses an immediate and catastrophic threat to your health and well being.

Whether by accident or on purpose, your personal files can be easily accessed and modified. According to Karl Denninger, the scary thing is that it can be done with “no notification of the change in the system, no audit trail that was immediately visible on the change and no means for the attending physician to immediately, at a glance, know that the record had been changed.”

What’s worse is that the medical establishment believes that it actually owns your medical records. Heck, we don’t even own our DNA any more according to the Supreme Court, so it would only make sense that your medical history, diagnoses over the years, treatments and assessments belong not to you, but to the government and medical industry. This, of course, further complicates the issue, as you have no idea what may have been modified because gaining access to your records may require you to jump through hoops for weeks or months to obtain a copy of your personal medical history.

Thousands of Americans are killed every year because of medical malpractice. And in coming years, as we become more dependent on Electronic Health Records, there is a real possibility that nefarious individuals with the intent to harm you directly, or even engage in a mass attack on our health care system, will modify medical records with the intention of killing people remotely.

It sure seems like a convenient mechanism for engaging in stealth assassinations should someone choose to do so. (source)

Small changes, like removing a warning about a life-threatening allergy or deleting records of a medication you take that has severe interactions with other medications, could mean death by medical malpractice. It wouldn’t have to be a men-in-black government operation – it could just be a garden variety kook with hacking skills or with access to the system. In the game of life and death, it doesn’t really matter who kills you. We have to be aware that we are having this vulnerability forced upon us by Obamacare.

Most people really don’t think too much about privacy if they are getting something “free” out of the deal. People gladly give up their home addresses and phone numbers in order to get a small discount or collect “points” at retail outlets everywhere, not considering that their every purchase is now in a database. People open up their bank and tax records in order to score a few extra dollars in government handouts.

As more people become aware of the dangers they face with the lack of medical privacy, medical care will suffer. Many of us will be aware that we can’t discuss things with our doctors that actually might have a bearing on our healthcare – like our concerns about a family member’s depression, an intimate health problems that might have ramifications that would help a doctor diagnose a serious condition, or our refusal to vaccinate our children.

Daisy Luther is a freelance writer and editor. Her website, The Organic Prepper, offers information on healthy prepping, including premium nutritional choices, general wellness and non-tech solutions. You can follow Daisy on Facebook and Twitter, and you can email her at daisy@theorganicprepper.ca